vulhub

It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable docker environments, including a web application vulnerable to various attacks. The tool is designed to help developers and security researchers test and demonstrate the effectiveness of web...

MetInfo pa***.php file has sql injection vulnerability

MetInfo is a content management system developed using PHP and Mysql. A sql injection vulnerability exists in the MetInfo pa.php file, which can be exploited by an attacker to obtain sensitive information from the database...

SQL Injection Vulnerability in QuarkCall All-Media Call Center Platform of Beijing Topmin Information Technology Co.

QuarkCall all-media call center integrates Topmind call center and unified communications products and services, aiming to help enterprises optimize customer experience, improve satisfaction and loyalty; optimize workflow and improve work efficiency. There is a SQL injection vulnerability in the...

Free version of TouchNet Universal Mall website builder system suffers from SQL injection vulnerability

TouchNet universal mall station-building system is a set of universal station-building system developed by Tianjin TouchNet Technology Co. The free version of TouchNet Universal Mall Station Building System has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive...

Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability

Cisco Integrated Management Controller IMC Supervisor is a set of tools used by Cisco to manage UCS Unified Computing System, which supports HTTP, SSH access, etc., and allows operations such as powering up, shutting down, and restarting the server. A SQL injection vulnerability exists in the web...

SQL Injection Vulnerability in HDCMS v2.0 groupLists Function

HDCMS is a content management system software package developed in PHP+Mysql. It provides customers with powerful and complete functionality to accomplish rapid website development. HDCMS v2.0 version groupLists function has a SQL injection vulnerability, remote attackers can use this vulnerabili...

SQL Injection Vulnerability in Nanjing Yunhuatong Network Technology Website Building System

Nanjing Yunhuatong Network Technology Station Building System is an enterprise station building system developed by Nanjing Yunhuatong Network Technology Co. There is a SQL injection vulnerability in Nanjing Yunhuatong Network Technology website building system, which can be exploited by attacker...

Description of the security update for the elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: November 13, 2018

Description of the security update for the elevation of privilege vulnerability in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: November 13, 2018 Summary An elevation of privilege exists in Windows OLE Structured Storage marshaler. An attacker who successfully exploits the...

S-CMS Hospital Building System In***.php file suffers from SQL injection vulnerability

S-CMS hospital station building system is developed by asp+access/mssql, easy to operate, convenient, support PC+mobile+WeChat. There is a SQL injection vulnerability in the In.php file of S-CMS Hospital Building System. Attackers can use the vulnerability to obtain sensitive information in the...

CVE-2018-18787

An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie...

Buffer Overflow Vulnerability in OhEasy Multimedia Network Classroom Software

Oh easy multimedia network classroom software is a set of multimedia computer to assist teachers to complete the teaching software. A buffer overflow vulnerability exists in the OhEasy Multimedia Network Classroom Software. An attacker can exploit the vulnerability to cause a buffer overflow by...

Joomla Component Responsive eXtro jQuery Gallery 'filter_category' parameter SQL injection vulnerability

eXtro Responsive Gallery creates fully responsive galleries based on images stored in the server catalog. The module also creates optimized preview images based on settings. A SQL injection vulnerability exists in the 'filtercategory' parameter in Joomla Component Responsive eXtro jQuery Gallery...

Quick Count 'txtInstID' Parameter SQL Injection Vulnerability

Quickcount is a way to measure audience response on your own web host without having to prepare special slides or other settings. A SQL injection vulnerability exists in the 'txtInstID' parameter of Quick Count version 2.0, which can be exploited by an attacker to gain access to sensitive databas...

S-CMS Enterprise Website Builder System suffers from SQL Injection Vulnerability

S-CMS enterprise station building system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise station building solutions for the product. There is a SQL injection vulnerability in S-CMS. Attackers can use the vulnerability to obtain sensitive information in the database...

zzcms SQL Injection Vulnerability (CNVD-2018-26019)

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the zs/zslist.php file in ZZCMS version 8.3. A remote attacker can exploit this vulnerability to obtain the current user name of mysql with the help of pxzs cookie...

zzcms SQL Injection Vulnerability (CNVD-2018-26016)

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the zt/top.php file in ZZCMS version 8.3. A remote attacker can exploit this vulnerability to obtain the current user name of mysql...

zzcms SQL Injection Vulnerability (CNVD-2018-26020)

ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in the admin/tagmanage.php file in ZZCMS version 8.3. A remote attacker can exploit this vulnerability to obtain the current user name of mysql with the help of the...

CVE-2018-12086

Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests...

S-CMS News Portal System me***.php page suffers from SQL injection vulnerability

S-CMS news portal system is Zibo Shining Network Technology Co., Ltd. developed a specialized enterprise to provide solutions to build a station. A SQL injection vulnerability exists in the me.php page of the S-CMS news portal system. An attacker can exploit the vulnerability to obtain sensitive...

SQL Injection Vulnerability in Laoban CMS

Laoban CMS content management system referred to as: Laoban CMS is developed by Laoban based on PHP + MYSQL environment of the open source station-building system. Laoban CMS suffers from SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information...